Apress

Pro Spring Security

By Carlo Scarioni

Pro Spring Security Cover Image

Pro Spring Security is a comprehensive, pragmatic reference of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications using the Spring and even Grails frameworks.

Full Description

  • ISBN13: 978-1-4302-4818-7
  • 340 Pages
  • User Level: Intermediate to Advanced
  • Publication Date: April 1, 2013
  • Available eBook Formats: EPUB, MOBI, PDF
  • Print Book Price: $49.99
  • eBook Price: $34.99
Buy eBook Buy Print Book Add to Wishlist

Related Titles

Full Description

Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications.

Pro Spring Security will be a reference and advanced tutorial that will do the following:

  • Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up.
  • Demonstrates the different authentication and authorization methods to secure enterprise-level applications by using the Spring Security Framework.
  • Provides you with a broader look into Spring security by including up-to-date use cases such as building a security layer for RESTful web services and Grails applications.

What you’ll learn

  • What the basics of securing a Java application, including core security concepts and the step-by-step configuration to include the Spring Security Framework in your web application
  • What tools are available in Spring security to provide login and logout capabilities, with add-ons such as remember-me and password change functionalities.
  • What are the types of authentication mechanisms tailored for enterprise-level Java applications, including LDAP, the Central Authentication Service, OpenID and X.509.
  • How to dive into each of the application layers to control user access to the different architectural elements of your Java application. You will first apply authorization control to each of the components of the Model-View-Controller tier.
  • How to work with Domain Objects and RESTful web services in our authorization queue in order to fully secure our application by using Access Control Lists, along with Object Level and Method Level authorization.
  • How to explore the powerful Grails framework and how to use Spring security in the context of a Groovy on Grails application. You will earn about the core security plugin and others such as OpenID, Facebook and Twitter authentication.

Who this book is for

This book is for Java and Grails developers who would like to secure their applications easily by applying industry’s best practices. I assume a fair knowledge of Java and a basic knowledge of Spring Dependency Injection.

Table of Contents

Table of Contents

1. The Scope of Security
2. Introducing Spring Security
3. Spring Security Architecture and Design
4. Web Security
5. Securing the Service Layer
6. Configuring Alternative Authentication Providers
7. Business Objects Security with ACLs
8. Customizing and Extending Web Security
9. Integrating Spring Security with Other Frameworks and Languages
Source Code/Downloads

Downloads are available to accompany this book.

Your operating system can likely extract zipped downloads automatically, but you may require software such as WinZip for PC, or StuffIt on a Mac.

Errata

If you think that you've found an error in this book, please let us know about it. You will find any confirmed erratum below, so you can check if your concern has already been addressed.

* Required Fields

No errata are currently published